/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package com.mlbs.session;

import com.mlbs.entity.Credential;
import com.mlbs.entity.Device;
import com.mlbs.entity.Usersession;
import com.mlbs.entity.Usertable;
import java.util.Date;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

/**
 * Responsible for providing authentication services in the middleware. These services
 * include authentacition, validation and other tasks related to maintaining users credentials
 * 
 * @author hubharan
 */
@PersistenceContext(name="mlbs-ejbPU", unitName="mlbs-ejbPU")
@Stateless
public class AuthenticationSBBean implements AuthenticationSBLocal {
    @PersistenceContext(unitName="mlbs-ejbPU")
    private EntityManager em;
    
    public EntityManager getEntityManager() {
        return em;
    }

    /**
     * Authenticates ths device ID and the pin.
     * @param deviceId Device identification
     * @param password security pin for the device
     * @return Session object is authentication is successful, else returns null
     */
    public String authenticate(String deviceId, String password) {
        Device dev = (Device)getEntityManager().
                createNamedQuery("Device.findByDeviceid").
                setParameter("deviceid", deviceId).getSingleResult();
        Usertable user =  dev.getUserid();
        String passwd = user.getCredential().getPassword();
        if(passwd.equals(password)){
         Usersession session = new Usersession(user.getUserId());
         session.setCredential(user.getCredential());
         session.setLastlogin(new Date());
         session.setSession(user.getDisplayName() + user.getFirstName());
         persist(session);
         return session.getSession();
        }
        return null;
    }

    /**
     * Resets the password for a given device by verifying the challenge question and
     * answer. If the verification is successful then it updates the new password.
     * @param deviceId Device identification
     * @param challengeId Id of the challenge question
     * @param challengeAnswer answer
     * @param newPassword password 
     * @return true if success, else false
     */
    public boolean resetPassword(String deviceId, String challengeId, String challengeAnswer, String newPassword) {
        Device dev = (Device)getEntityManager().
                createNamedQuery("Device.findByDeviceid").
                setParameter("deviceid", deviceId).getSingleResult();
        Usertable user =  dev.getUserid();
        if(user.getChallengeId().equals(new Integer(challengeId)) && user.getChallengeAnswer().equals(challengeAnswer)){
            Credential cer = user.getCredential();
            cer.setPassword(newPassword);
            persist(cer);
            return true;
        }
        return false;
    }

    public void persist(Object object) {
        em.persist(object);
    }
    
    // Add business logic below. (Right-click in editor and choose
    // "EJB Methods > Add Business Method" or "Web Service > Add Operation")
 
    
    
}


